<?php 
require_once 'config.php';

try {
		$db = new PDO('pgsql:host='.DB_HOST.';dbname='.DB_NAME, DB_USER, DB_PASS);
} catch (PDOException $e) {
	print "Error!:" . $e->getMessage();
	die();
}
$where = '';
if (!empty($_GET['login']) && !empty($_GET['password'])){
	$login = $_GET['login'];
	$password = $_GET['password'];
	$where = sprintf("");
	$sql = sprintf('SELECT "id", "phone" FROM "users" WHERE "phone" LIKE \'%s\' AND "password" LIKE \'%s\'', $login,$password);
	$result = '{"response":[';
	$user = $db->query($sql)>fetch();
	if (!empty($user)){
		$id = $user['id'];
		$phone = $user['phone'];
		$token = md5(time());
		$expiration = time() + 24*60*60;
		$result .= sprintf('{"id":%d,"phone":"%s","token":"%s","expiration":%d}',$id,$phone,$token,$expiration);

		$sql_upd = sprintf('UPDATE "users" SET "TOKEN"=\'%s\', "EXPIRATION"=to_timestamp(%d) WHERE "id"=%d', $token,$expiration,$id);
		$db->exec($sql_upd);
	}
	
	$result = rtrim($result, ",");
	$result .= ']}';
	
	echo $result;
}
else{
	echo '{"error": {"text": "�� ������� ����� �/��� ������"}}';
}
?>
